Many modern appliances, consumer devices, and other devices include embedded systems that are configured to perform one or more dedicated functions. However, most embedded systems of such devices do not include networking capabilities, role based access control capabilities, remote interface capabilities, remote control capabilities, or related capabilities. Designing such functionality into an embedded system, designing application programming interfaces (APIs) for accessing such functionality, designing web services capable of communicating with and controlling the embedded system via this added functionality, and designing applications for taking advantage of this functionality can consume considerable resources of the device manufacturer.
Moreover, access control for most devices that include embedded systems is hard coded into the embedded system and is inflexible. At design time a manufacturer typically sets up a single access policy for an embedded system, and that single access policy persists for the life of the device for all users regardless of who they are.